PDC acceptance criteria
David Collier-Brown
David.Collier-Brown at canada.sun.com
Thu Oct 5 12:44:08 GMT 2000
Steve Langasek wrote:
> To do this with at least as much security as is used in the NT implementation,
> at a minimum you would want rsync/rdist with ssh.
For data which isn't "plaintext equivalent", NFS
is adequate and very widespread (;-))
For plaintext, any replication system without
encryption with non-online keys is an invitation
to abuse. We're just fighting the equivalent problem
at work, which reduces to the "key distribution
problem". This is annoying, as we'd really like
something less amateur than the ^$%#%$!!! NT scheme.
As, the hashes are plaintext equivalent: I'd
prefer to avoid them in favor of Kerberos.
--dave
--
David Collier-Brown, | Always do right. This will gratify some people
185 Ellerslie Ave., | and astonish the rest. -- Mark Twain
Willowdale, Ontario | //www.oreilly.com/catalog/samba/author.html
Work: (905) 415-2849 Home: (416) 223-8968 Email: davecb at canada.sun.com
More information about the samba-technical
mailing list